Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-2739

Overview

Vulnerability Score 8.5 8.5
CVE Id CVE-2011-2739
Last Modified 13 Feb 2012 11:07:47
Published 09 Nov 2011 06:55:01
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication SINGLE_INSTANCE

CVE-2011-2739

Summary

The file-blocking feature in EMC Documentum eRoom 7.3.x and 7.4.x before 7.4.3.g does not properly restrict the uploading and opening of files with dangerous file types, which allows remote authenticated users to execute arbitrary code via an uploaded file.

Vulnerable Systems

Application

  • Emc Documentum Eroom 7.3.0

  • Emc Documentum Eroom 7.4.1

  • Emc Documentum Eroom 7.4.2

  • Emc Documentum Eroom 7.4.3


References

BUGTRAQ - 20111102 ESA-2011-032: EMC Documentum eRoom arbitrary file upload vulnerability.

SREASON - 8528


Last Updated: 27 May 2016 10:57:25